diff options
Diffstat (limited to 'src/lib')
| -rw-r--r-- | src/lib/libcrypto/kdf/tls1_prf.c | 15 |
1 files changed, 8 insertions, 7 deletions
diff --git a/src/lib/libcrypto/kdf/tls1_prf.c b/src/lib/libcrypto/kdf/tls1_prf.c index 6d8263cbae..75b44f4c6c 100644 --- a/src/lib/libcrypto/kdf/tls1_prf.c +++ b/src/lib/libcrypto/kdf/tls1_prf.c | |||
| @@ -1,4 +1,4 @@ | |||
| 1 | /* $OpenBSD: tls1_prf.c,v 1.18 2024/07/09 16:50:07 tb Exp $ */ | 1 | /* $OpenBSD: tls1_prf.c,v 1.19 2024/07/09 16:51:01 tb Exp $ */ |
| 2 | /* | 2 | /* |
| 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project | 3 | * Written by Dr Stephen N Henson (steve@openssl.org) for the OpenSSL project |
| 4 | * 2016. | 4 | * 2016. |
| @@ -68,7 +68,7 @@ | |||
| 68 | #include "evp_local.h" | 68 | #include "evp_local.h" |
| 69 | 69 | ||
| 70 | static int tls1_prf_alg(const EVP_MD *md, | 70 | static int tls1_prf_alg(const EVP_MD *md, |
| 71 | const unsigned char *secret, size_t slen, | 71 | const unsigned char *secret, size_t secret_len, |
| 72 | const unsigned char *seed, size_t seed_len, | 72 | const unsigned char *seed, size_t seed_len, |
| 73 | unsigned char *out, size_t olen); | 73 | unsigned char *out, size_t olen); |
| 74 | 74 | ||
| @@ -316,7 +316,7 @@ tls1_prf_P_hash(const EVP_MD *md, | |||
| 316 | 316 | ||
| 317 | static int | 317 | static int |
| 318 | tls1_prf_alg(const EVP_MD *md, | 318 | tls1_prf_alg(const EVP_MD *md, |
| 319 | const unsigned char *secret, size_t slen, | 319 | const unsigned char *secret, size_t secret_len, |
| 320 | const unsigned char *seed, size_t seed_len, | 320 | const unsigned char *seed, size_t seed_len, |
| 321 | unsigned char *out, size_t olen) | 321 | unsigned char *out, size_t olen) |
| 322 | { | 322 | { |
| @@ -324,7 +324,8 @@ tls1_prf_alg(const EVP_MD *md, | |||
| 324 | if (EVP_MD_type(md) == NID_md5_sha1) { | 324 | if (EVP_MD_type(md) == NID_md5_sha1) { |
| 325 | size_t i; | 325 | size_t i; |
| 326 | unsigned char *tmp; | 326 | unsigned char *tmp; |
| 327 | if (!tls1_prf_P_hash(EVP_md5(), secret, slen/2 + (slen & 1), | 327 | if (!tls1_prf_P_hash(EVP_md5(), |
| 328 | secret, secret_len/2 + (secret_len & 1), | ||
| 328 | seed, seed_len, out, olen)) | 329 | seed, seed_len, out, olen)) |
| 329 | return 0; | 330 | return 0; |
| 330 | 331 | ||
| @@ -332,8 +333,8 @@ tls1_prf_alg(const EVP_MD *md, | |||
| 332 | KDFerror(ERR_R_MALLOC_FAILURE); | 333 | KDFerror(ERR_R_MALLOC_FAILURE); |
| 333 | return 0; | 334 | return 0; |
| 334 | } | 335 | } |
| 335 | if (!tls1_prf_P_hash(EVP_sha1(), secret + slen/2, | 336 | if (!tls1_prf_P_hash(EVP_sha1(), secret + secret_len/2, |
| 336 | slen/2 + (slen & 1), seed, seed_len, tmp, olen)) { | 337 | secret_len/2 + (secret_len & 1), seed, seed_len, tmp, olen)) { |
| 337 | freezero(tmp, olen); | 338 | freezero(tmp, olen); |
| 338 | return 0; | 339 | return 0; |
| 339 | } | 340 | } |
| @@ -342,7 +343,7 @@ tls1_prf_alg(const EVP_MD *md, | |||
| 342 | freezero(tmp, olen); | 343 | freezero(tmp, olen); |
| 343 | return 1; | 344 | return 1; |
| 344 | } | 345 | } |
| 345 | if (!tls1_prf_P_hash(md, secret, slen, seed, seed_len, out, olen)) | 346 | if (!tls1_prf_P_hash(md, secret, secret_len, seed, seed_len, out, olen)) |
| 346 | return 0; | 347 | return 0; |
| 347 | 348 | ||
| 348 | return 1; | 349 | return 1; |